Search form

How Tokenization Helps Protect Against Credit Card Breaches

January 8, 2016

CardConnect’s chief technology officer, Rush Taggart, sat down with Bankrate’s Rachel Hartman to discuss how tokenization works and the purpose it serves in payments. Since data breaches have continued to rise and impacted everywhere from Neiman Marcus to Target, more and more consumers are worried that their data will be stolen. Tokenization aims to make that fear a thing of the past, as Rush explained to Bankrate.

“The goal of tokenization is to make it so there’s no data to breach,” said Taggart

When a credit card is tokenized, the credit card number is replaced with randomized data. This differs from standard encryption because when a card is encrypted, the card number is simply scrambled. That means that a skilled hacker can unscramble and encrypted card number–something that isn’t possible with tokenization. If a hacker makes their way to the tokens, they can’t use them.

“Even if they’re breached, the only things that are breached are random numbers that don’t mean anything to anyone,” said Taggart

Tokenization differs from technology like EMV because while they both have the same goal of making payments more secure, tokenization focuses on card-not-present environments (like online shopping) while EMV impacts card-present transaction when your card is being physically processed.

Rush has quite the history with this form of payment security. He is co-inventor on two of CardConnect’s tokenization patents, and has played a pivotal role in extended this technology to safeguarding other forms of sensitive data, like Social Security numbers.